Retired Artist Loses $2 Million in Crypto to Coinbase Impersonator: A Cautionary Tale Amid Rising Crypto Scams and Exchange Breaches

Ed Suman, a 67-year-old retired artist and former fabricator who contributed to iconic works such as Jeff Koons’ Balloon Dog sculptures, suffered a devastating loss of over $2 million in cryptocurrency earlier this year after falling victim to a sophisticated scam involving impersonation of Coinbase support staff. This incident highlights the growing risks crypto investors face from social engineering attacks, especially in the wake of recent data breaches at major exchanges.

The Scam: How a Trusted Appearance Led to a Massive Loss

Suman had spent nearly two decades in the art world before retiring and turning his attention to cryptocurrency investing. Over time, he accumulated a portfolio comprising 17.5 Bitcoin (BTC) and 225 Ether (ETH), which represented the bulk of his retirement savings.

To secure his assets, Suman used a Trezor Model One hardware wallet, a device designed to protect crypto holdings from online hacks by storing private keys offline. Despite this prudent step, he became the target of a well-executed scam.

In March 2025, Suman received a text message that appeared to come from Coinbase, warning him of unauthorized access to his account. Trusting the message, he responded and soon after received a phone call from a man identifying himself as “Brett Miller,” a Coinbase security staffer.

The caller demonstrated detailed knowledge about Suman’s holdings and hardware wallet, which lent credibility to the ruse. He convinced Suman that despite using a hardware wallet, his funds were still vulnerable and guided him through a “security procedure.” This involved entering his seed phrase-the master key to his wallet-on a phishing website mimicking Coinbase’s official interface.

Nine days later, a second caller, again impersonating Coinbase personnel, repeated the process. By the end of the second call, Suman’s entire crypto portfolio had been drained.

The Growing Threat of Social Engineering in Crypto

Suman’s case is emblematic of a broader surge in social engineering scams targeting crypto holders. Unlike traditional hacks that exploit software vulnerabilities, these scams prey on human trust and lack of awareness.

Attackers often use:

• Phishing Messages: Fake texts or emails purporting to be from exchanges or wallet providers.

• Impersonation Calls: Fraudsters posing as customer support or security staff.

• Fake Websites: Cloned interfaces designed to capture sensitive information like seed phrases or private keys.

Even experienced users can fall victim, especially when attackers leverage stolen personal data to appear authentic.

Coinbase Data Breach: A Catalyst for Increased Scam Activity

This scam followed a major data breach at Coinbase disclosed in May 2025. According to reports, attackers bribed customer support agents based in India to access sensitive user information, including names, account balances, and transaction histories.

Coinbase confirmed that approximately 1% of its monthly transacting users were affected. Among those impacted was venture capitalist Roelof Botha of Sequoia Capital, though there is no evidence his funds were compromised.

In response, Coinbase terminated the contracted agents involved and announced plans to pay between $180 million and $400 million in remediation and reimbursements to affected users.

The breach has heightened concerns about the security of centralized exchanges and underscored the importance of user vigilance.

Lessons and Security Tips for Crypto Holders

Suman’s loss serves as a stark reminder of the critical need for robust personal security practices in the crypto space:

• Never Share Your Seed Phrase: Legitimate support staff will never ask for your seed phrase or private keys.

• Verify Communications: Always verify the identity of anyone contacting you about your crypto holdings. Use official channels and contact information.

• Beware of Urgency and Pressure: Scammers often create a sense of urgency to prompt rash decisions.

• Use Hardware Wallets and Cold Storage: While not foolproof, hardware wallets significantly reduce online attack vectors.

• Enable Two-Factor Authentication (2FA): Use strong 2FA methods to protect exchange and wallet accounts.

• Stay Informed: Follow official announcements from exchanges and reputable crypto news sources.

The Human Cost of Crypto Scams

Beyond financial loss, victims like Ed Suman face emotional distress and a profound sense of betrayal. For many, crypto holdings represent life savings or retirement funds, making such scams particularly devastating.

Community efforts to educate users and improve security awareness are vital to mitigating these risks. Industry players are also investing in better fraud detection and customer protection technologies.

Conclusion: Vigilance Is Key in the Evolving Crypto Landscape

The incident involving Ed Suman is a cautionary tale illustrating how even prudent crypto users can fall prey to sophisticated scams, especially in an environment complicated by exchange data breaches.

As the crypto ecosystem matures, users must remain vigilant, prioritize security, and approach unsolicited communications with skepticism. Exchanges and wallet providers must continue enhancing security protocols and user education to safeguard the growing number of crypto investors worldwide.